28 matches found
EUVD-2023-25607
Malicious code in bioql PyPI...
Security Bulletin: Vulnerabilities in IBM Java Runtime affecting Tivoli Netcool/OMNIbus (Multiple CVEs)
Summary There are vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 8 that is used by Tivoli Netcool/OMNIbus. These were disclosed as part of the IBM Java SDK updates in November 2022 and February 2023. Vulnerability Details CVEID:CVE-2022-21426 DESCRIPTION: An...
pan.newbreedsms.com Cross Site Scripting vulnerability OBB-3205103
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
ClamAV HFS+ Partition Scanning Buffer Overflow Vulnerability Affecting Cisco Products: February 2023
On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed: A vulnerability in the HFS+ partition file parser of ClamAV versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier could allow an unauthenticated, remote attacker to execute arbitrary code...
CVE-2023-21437
Improper access control vulnerability in Phone application prior to SMR Feb-2023 Release 1 allows local attackers to access sensitive information via implicit broadcast...
CVE-2023-21439
Improper input validation vulnerability in UwbDataTxStatusEvent prior to SMR Feb-2023 Release 1 allows attackers to launch certain activities...
CVE-2023-21440
Improper access control vulnerability in WindowManagerService prior to SMR Feb-2023 Release 1 allows attackers to take a screen capture...
CVE-2023-21435
Exposure of Sensitive Information vulnerability in Fingerprint TA prior to SMR Feb-2023 Release 1 allows attackers to access the memory address information via log...
Improper access control
Improper access control vulnerability in WindowManagerService prior to SMR Feb-2023 Release 1 allows attackers to take a screen capture...
Input validation
Improper input validation vulnerability in UwbDataTxStatusEvent prior to SMR Feb-2023 Release 1 allows attackers to launch certain activities...
Improper access control
Improper access control vulnerability in Phone application prior to SMR Feb-2023 Release 1 allows local attackers to access sensitive information via implicit broadcast...
Design/Logic Flaw
Improper usage of implicit intent in Contacts prior to SMR Feb-2023 Release 1 allows attacker to get account ID...
Input validation
Improper logic in HomeScreen prior to SMR Feb-2023 Release 1 allows physical attacker to access App preview protected by Secure Folder...
Information disclosure
Exposure of Sensitive Information vulnerability in Fingerprint TA prior to SMR Feb-2023 Release 1 allows attackers to access the memory address information via log...
CVE-2023-21435
Exposure of Sensitive Information vulnerability in Fingerprint TA prior to SMR Feb-2023 Release 1 allows attackers to access the memory address information via log...
PT-2023-18207 · Unknown · Windowmanagerservices
Name of the Vulnerable Software and Affected Versions: WindowManagerService versions prior to SMR Feb-2023 Release 1 Description: The issue is related to improper access control in the WindowManagerService, allowing attackers to capture the screen. Recommendations: For versions prior to SMR...
CVE-2023-21438
CVE-2023-21438 : Samsung Mobile devices with affected HomeScreen prior to SMR Feb-2023 Release 1 expose a logic flaw that lets a physical attacker access an App preview guarded by Secure Folder. The issue is described as improper logic in HomeScreen, enabling access to protected previews. Public ...
CVE-2023-21436
CVE-2023-21436 affects Samsung Contacts prior to SMR Feb-2023 Release 1, due to improper usage of implicit intents that allows a local attacker to obtain an account ID. Connected sources indicate the issue impacts Samsung Mobile devices and that updates addressing it were included in SMR Feb-2023...
CVE-2023-21437
Improper access control vulnerability in Phone application prior to SMR Feb-2023 Release 1 allows local attackers to access sensitive information via implicit broadcast...
CVE-2023-21435
CVE-2023-21435 concerns the Samsung Fingerprint TA prior to the SMR Feb-2023 Release 1. The issue, described across multiple sources, is an information-disclosure flaw where an attacker could access memory address information via device logging. The vulnerability affects the Fingerprint TA compon...